package cn.wolfcode.web.controller;

import cn.wolfcode.domain.Employee;
import cn.wolfcode.qo.JsonResult;
import cn.wolfcode.service.IEmployeeService;
import cn.wolfcode.service.IPermissionService;
import cn.wolfcode.service.impl.EmployeeServiceImpl;
import cn.wolfcode.util.UserContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;

@Controller
public class LoginController {

    @Autowired
    private IEmployeeService employeeService;

    @Autowired
    private IPermissionService permissionService;

    @RequestMapping("/login")
    @ResponseBody
    public JsonResult login(String username, String password){


            Employee employee = employeeService.login(username, password);
            //把当前登陆用户存到session中
            UserContext.setCurrentUser(employee);

            //判断是否超级管理员, 如果不是就查询
            if ( ! employee.isAdmin()){
                //登陆之前就把用户的权限表达式获取
                UserContext.setExpression(permissionService.selectExpression(employee.getId()));
            }

            return new JsonResult();

    }

    //登出
    @RequestMapping("/logout")
    public String logout(HttpSession session){
        session.invalidate();
        //清理session
        return "redirect:/login.html";
    }
}
